package com.lottery.shiro;


import java.util.HashSet;
import java.util.Set;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.lottery.dao.MemberDao;
import com.lottery.dao.RoleDao;
import com.lottery.entity.Constants;
import com.lottery.entity.Member;
import com.lottery.entity.Role;

/**
 * <p>User: Zhang Kaitao
 * <p>Date: 14-1-28
 * <p>Version: 1.0
 */
public class UserRealm extends AuthorizingRealm {

    Logger logger = LoggerFactory.getLogger(UserRealm.class);
    @Autowired
    private MemberDao memberDao;
    @Autowired
    private RoleDao roleDao;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String username = (String)principals.getPrimaryPrincipal();
        Member member =memberDao.findMemberByAccount(username);

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setRoles(findRoles(member.getRoleId()));

        return authorizationInfo;
    }
    public Set<String> findRoles(String roleId) {
        Set<String> roles = new HashSet<String>();
        if(StringUtils.isEmpty(roleId)){
        	logger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
        	logger.info("游客权限");
        	roles.add(Constants.visitor_role);
        }else{
        	Role role =roleDao.findOne(String.valueOf(roleId));
            if (role != null) {
            	logger.info(role.getRole());
                roles.add(role.getRole());
            }else{
            	logger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
            	logger.info("游客权限");
            	roles.add(Constants.visitor_role);
            }
        }
        return roles;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        String username = (String)token.getPrincipal();
        Member member= null;
        try{
             member = memberDao.findMemberByAccount(username);
            logger.info(member.toString());
        }catch (Exception e){
            logger.error(e.getMessage());
        }


        if(member == null) {
            throw new UnknownAccountException();//没找到帐号
        }

        if(Boolean.TRUE.equals(member.getLock())) {
            throw new LockedAccountException(); //帐号锁定
        }

        //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配，如果觉得人家的不好可以自定义实现
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
                member.getMemberAccount(), //用户名
                member.getMemberPassword(), //密码
                //salt=username+salt
                "12"  //realm name
        );

        return authenticationInfo;
    }


}
